Blender

Tool updated 4 months ago (2024-08-14T17:50:01.220Z)
Download STIX
Preview STIX
Blender, a renowned threat actor known for its involvement in the cybersecurity landscape, has recently been under scrutiny due to its alleged role in facilitating illegal transactions. Last year, the US imposed sanctions on crypto mixers Tornado Cash and Blender, targeting them as part of a broader crackdown on Lazarus Group options such as Bitcoin-based mixers Blender and Sinbad. The shift back to decentralized mixers like Blender is believed to be a reaction to law enforcement actions against large-scale services like Sinbad and Blender. In a significant development, Blender, along with Tornado Cash, is suspected of assisting North Korean threat actors in laundering $475m from an attack on Axie Infinity, funds that are likely to be channeled into the country's weapons and nuclear programs. The Blender Foundation, associated with the open-source 3D creation suite, not the threat actor, found itself at the center of a major Distributed Denial of Service (DDoS) attack that temporarily disrupted its server operations. The origins of the attack remain unknown, but the Blender Foundation promptly acknowledged the incident through an official statement. Despite the challenge posed by the attack, the Blender community, renowned for its resilience and collaborative spirit, quickly mobilized to address the situation head-on. In the wake of these events, six other foundations - Apache, Blender, OpenSSL, PHP, Python, and Rust - initiated a Brussels-based working group tasked with developing common specifications for secure software development. Drawing on their extensive open-source experience, they aim to establish standards for coordinated disclosure, peer review, and release processes. The Blender Foundation used its communication channels to keep its community informed, demonstrating transparency during the crisis and underscoring the commitment of the open-source community to protect its assets.
Description last updated: 2024-05-04T16:56:25.131Z
What's your take? (Question 1 of 3)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
Sinbad is a possible alias for Blender. Sinbad is a threat actor suspected to be operated by North Korean operatives, primarily for the purpose of laundering stolen cryptocurrency. According to Chainalysis, Sinbad processed $24 million in December and January, indicating its use as a new mixing service. However, it's effectiveness is yet
3
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Sinbad
Tornado Cash
Malware
Source
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the Blender Tool was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
a year ago
DARKReading
a year ago
CERT-EU
a year ago
Securelist
2 years ago
CERT-EU
2 years ago
CERT-EU
a year ago
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
2 years ago
CERT-EU
a year ago
BankInfoSecurity
8 months ago
BankInfoSecurity
9 months ago
CERT-EU
9 months ago
CERT-EU
a year ago
CERT-EU
2 years ago
InfoSecurity-magazine
2 years ago